UNC path exclusion cannot be done with Deep Security Virtual Appliance (DSVA) due to the VMware's Thin Driver API in use. The procedure below is for Deep Security Agent (DSA) protected machines only.

Most common environment variables (e.g. ${windir}, ${programfiles}, ${systemroot}) are supported. It is recommended to use the common variables only, and configure other items under Environment Variable Overrides.

To exclude a UNC path from scanning:

A. Create an Environment Variable for the UNC path.

1. On the DSM console, click the Policies tab and then go to the specific policy (e.g. Windows Antimalware Protection) or the Base policy.
2. Click Settings in the left panel and then go to the Computer tab.
3. Under Environment Variable Overrides, click View Environment Variables. 

   

4. Click New.
5. Provide a variable name and then enter "\\" as the value for all UNC paths, or "\\10.X.X.X\” for a specific UNC path.

   Note that the excluded paths are case-sensitive. Below are some examples:

   • To exclude all UNC paths:

     Name: all_uncpath
     Value: \\

   • To exclude a specific UNC path only:

     Name: unc_path1
     Value: \\10.x.x.x\

   

6. Click OK.

B. Add the Environment Variable to the Directory Exclusion list.

1. On the DSM console, click the Policies tab and then go to the specific policy (e.g. Windows Antimalware Protection) or Base policy.
2. Click Anti-Malware in the left column.
3. Click the General tab and then click Edit in the Real-Time Scan Settings section.
4. Go to the Exclusions tab.
5. Select Directory List and then click New or Edit Directory List.
6. Under General tab, provide a name for this directory exclusion list.
7. In the Directory field, enter the variable you created. For example, “${all_uncpath}” or “${unc_path1}”.

   

8. Click OK.

The specified UNC path/s will now be exempt from scanning.